This specification relates to providing security protection that is aided by contextual data. Online account takeover, hijacking, and compromises are an issue for online service providers. One way to address security issues is to establish a white list of IP addresses that are permitted to log into each account. White lists may be used to identify trusted IP addresses or other information used to authenticate user credentials.